CVE-2013-3299

Loading...

General

Score:4.3/10.0
Severity:Low
Category:Input Validation Error
Exploit:Available

Impact Metrics

Confidentiality:None
Integrity:None
Availability:Partial

Exploitability Metrics

Access Vector:Network
Access Complexity:Medium
Authentication:None

Published on 06/07/13 - Updated on 08/07/13

Description

RealNetworks RealPlayer 16.0.2.32 and earlier allows remote attackers to cause a denial of service (resource consumption or application crash) via an HTML document containing JavaScript code that constructs a long string.

Category: Input Validation Error

CWE-20 (Input Validation)
The product does not validate or incorrectly validates input that can affect the control flow or data flow of a program.

Security Notices

US National Vulnerability DatabaseCVE-2013-3299

Exploits

Exploit-DBEDB-38623

Relative technologies

VendorProduct
realnetworksrealplayer

Share this vulnerability with:

Twitter Facebook LinkedIn Mail